CVE-2021-22524 – Denial of service vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22524
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Un ataque de inyección causó una vulnerabilidad de denegación de servicio en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025256 https://www.microfocus.com/documentation/access-manager/5.0/accessmanager501-release-notes/accessmanager501-release-notes.html • CWE-91: XML Injection (aka Blind XPath Injection) •
CVE-2021-22527 – Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22527
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de filtrado de información en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025258 https://www.microfocus.com/documentation/access-manager/5.0/accessmanager501-release-notes/accessmanager501-release-notes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-22528 – Information leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
https://notcve.org/view.php?id=CVE-2021-22528
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Una vulnerabilidad de tipo Cross Site Scripting (XSS) Reflejado en NetIQ Access Manager versiones anteriores a 5.0.1 y 4.5.4 • https://support.microfocus.com/kb/doc.php?id=7025259 https://www.microfocus.com/documentation/access-manager/5.0/accessmanager501-release-notes/accessmanager501-release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-38123
https://notcve.org/view.php?id=CVE-2021-38123
Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication. Una vulnerabilidad de redirección abierta en Micro Focus Network Automation, que afecta a las versiones 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05 de Network Automation. La vulnerabilidad podría permitir redirigir a usuarios a sitios web maliciosos después de la autenticación • https://portal.microfocus.com/s/article/KM000001673 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2021-22525
https://notcve.org/view.php?id=CVE-2021-22525
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 Esta versión soluciona una posible vulnerabilidad de filtrado de información en NetIQ Access Manager versiones anteriores a 5.0.1 • https://support.microfocus.com/kb/doc.php?id=7025254 •